Lucene search

[email protected]CVE-2012-5117

HistoryNov 07, 2012 - 11:43 a.m.

CVE-2012-5117

2012-11-0711:43:14

CWE-264

[email protected]

web.nvd.nist.gov

cve-2012-5117

google chrome

svg

subresource

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.2

Confidence

Low

EPSS

0.002

Percentile

61.2%

JSON

Google Chrome before 23.0.1271.64 does not properly restrict the loading of an SVG subresource in the context of an IMG element, which has unspecified impact and remote attack vectors.

Affected configurations

NVD

Node

googlechromeRange≤23.0.1271.62

googlechromeMatch23.0.1271.0

googlechromeMatch23.0.1271.1

googlechromeMatch23.0.1271.2

googlechromeMatch23.0.1271.3

googlechromeMatch23.0.1271.4

googlechromeMatch23.0.1271.5

googlechromeMatch23.0.1271.6

googlechromeMatch23.0.1271.7

googlechromeMatch23.0.1271.8

googlechromeMatch23.0.1271.9

googlechromeMatch23.0.1271.10

googlechromeMatch23.0.1271.11

googlechromeMatch23.0.1271.12

googlechromeMatch23.0.1271.13

googlechromeMatch23.0.1271.14

googlechromeMatch23.0.1271.15

googlechromeMatch23.0.1271.16

googlechromeMatch23.0.1271.17

googlechromeMatch23.0.1271.18

googlechromeMatch23.0.1271.19

googlechromeMatch23.0.1271.20

googlechromeMatch23.0.1271.21

googlechromeMatch23.0.1271.22

googlechromeMatch23.0.1271.23

googlechromeMatch23.0.1271.24

googlechromeMatch23.0.1271.26

googlechromeMatch23.0.1271.30

googlechromeMatch23.0.1271.31

googlechromeMatch23.0.1271.32

googlechromeMatch23.0.1271.33

googlechromeMatch23.0.1271.35

googlechromeMatch23.0.1271.36

googlechromeMatch23.0.1271.37

googlechromeMatch23.0.1271.38

googlechromeMatch23.0.1271.39

googlechromeMatch23.0.1271.40

googlechromeMatch23.0.1271.41

googlechromeMatch23.0.1271.44

googlechromeMatch23.0.1271.45

googlechromeMatch23.0.1271.46

googlechromeMatch23.0.1271.49

googlechromeMatch23.0.1271.50

googlechromeMatch23.0.1271.51

googlechromeMatch23.0.1271.52

googlechromeMatch23.0.1271.53

googlechromeMatch23.0.1271.54

googlechromeMatch23.0.1271.55

googlechromeMatch23.0.1271.56

googlechromeMatch23.0.1271.57

googlechromeMatch23.0.1271.58

googlechromeMatch23.0.1271.59

googlechromeMatch23.0.1271.60

googlechromeMatch23.0.1271.61

VendorProductVersionCPE
googlechrome23.0.1271.49cpe:/a:google:chrome:23.0.1271.49:::
googlechrome23.0.1271.33cpe:/a:google:chrome:23.0.1271.33:::
googlechrome23.0.1271.0cpe:/a:google:chrome:23.0.1271.0:::
googlechrome23.0.1271.57cpe:/a:google:chrome:23.0.1271.57:::
googlechrome23.0.1271.32cpe:/a:google:chrome:23.0.1271.32:::
googlechrome23.0.1271.26cpe:/a:google:chrome:23.0.1271.26:::
googlechrome23.0.1271.4cpe:/a:google:chrome:23.0.1271.4:::
googlechrome23.0.1271.31cpe:/a:google:chrome:23.0.1271.31:::
googlechrome23.0.1271.61cpe:/a:google:chrome:23.0.1271.61:::
googlechrome23.0.1271.2cpe:/a:google:chrome:23.0.1271.2:::

Vendor	Product	Version	CPE
google	chrome	23.0.1271.49	cpe:/a:google:chrome:23.0.1271.49:::
google	chrome	23.0.1271.33	cpe:/a:google:chrome:23.0.1271.33:::
google	chrome	23.0.1271.0	cpe:/a:google:chrome:23.0.1271.0:::
google	chrome	23.0.1271.57	cpe:/a:google:chrome:23.0.1271.57:::
google	chrome	23.0.1271.32	cpe:/a:google:chrome:23.0.1271.32:::
google	chrome	23.0.1271.26	cpe:/a:google:chrome:23.0.1271.26:::
google	chrome	23.0.1271.4	cpe:/a:google:chrome:23.0.1271.4:::
google	chrome	23.0.1271.31	cpe:/a:google:chrome:23.0.1271.31:::
google	chrome	23.0.1271.61	cpe:/a:google:chrome:23.0.1271.61:::
google	chrome	23.0.1271.2	cpe:/a:google:chrome:23.0.1271.2:::